<?php

	/**
     * Authentification
	 *
	 * @package      Plugins
	 * @subpackage   Authentification
     * 
     * @license      GNU Lesser General Public Licence see LICENCE-LGPL file or http://www.gnu.org/licenses/lgpl.html
	 */
    class Plugin_Authentification implements Core_Plugin_Interface
    {

	////////////////////////////////////////////////////////////////////////////
	//                                Variables                               //
	////////////////////////////////////////////////////////////////////////////

        /**
         * Plugin configuration values
         *
         * @var Zend_Config
         */
        protected $_config = null;

		/**
		 * Zend_Registry object
		 *
		 * @var Zend_Registry
		 */
		protected $_registry = null;

	////////////////////////////////////////////////////////////////////////////
	//                                 Methods                                //
	////////////////////////////////////////////////////////////////////////////

        /**
         * Returns dependencies list.
         *
         * @return      array
         */
        public function getDependencies()
        {
            return array('Redirect');
        }

        /**
         * Contructor
         *
         * throws       Core_Exception
		 */
        public function __construct()
        {
            $this->_registry = Zend_Registry::getInstance();

            $configuration   = Core_Plugin_Config::getInstance('config.ini.php', $this->_registry['section']);
            $this->_config   = $configuration->{'authentification'};

            if (!empty($this->_config->requires)) {
                $required = explode(',', $this->_config->requires);

                foreach ($required as $module) {
                    if (!array_key_exists($module, $this->_registry['modules'])) {
                        throw new Core_Exception('Missing plugin dependency: ' . $module);
                    }
                }
            }
        }

		/**
		 * Destructor
		 */
		public function __destruct()
		{
			unset($this);
		}

        /**
         * @param       array       $params : plugin parameters for the current action
         * @throws      Core_Exception
         * @return      Core_Selector_Action|null    if action should change
         */
        public function beforeAction($params)
        {
            $selector         = null;
            $authNamespace    = Core_Authentification::getNamespace();
            $end              = $this->_registry['end'];            
            $authRequired     = isset($params['auth.required']) ? ($params['auth.required'] == true) : $this->_config->$end->connection->default;

            if ($authRequired) {
                if (call_user_func($this->_config->$end->method)) {
                    if ($this->_config->$end->connection->secure_ip) {
                        if (!isset($authNamespace->ipAddress)) {
                            $authNamespace->ipAddress = $this->_getIpForSecure();
                        } else {
                            if (($authNamespace->ipAddress != $this->_getIpForSecure())) {
                                $selector = new Core_Selector_GenericAction($this->_config->$end->redirect->logout);
                            }
                        }
                    }
                } else {
                    $selector = new Core_Selector_GenericAction($this->_config->$end->redirect->login);
                }
            }

            return $selector;
        }

        public function beforeOutput() { }
        public function afterProcess() { }

	////////////////////////////////////////////////////////////////////////////
	//                             Private Methods                            //
	////////////////////////////////////////////////////////////////////////////

        /**
        * Gets the IP address of the user
        *
        * This method is heavily based on the article found on
        * phpbuilder.com, and from the comments on the official phpdoc
        *
        * @return       string
        */
        private function _getIpForSecure()
        {
            if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR']) {
                $IP_ADDR = $_SERVER['HTTP_X_FORWARDED_FOR'];
            } else if (isset($_SERVER['HTTP_CLIENT_IP']) && $_SERVER['HTTP_CLIENT_IP']) {
                $IP_ADDR = $_SERVER['HTTP_CLIENT_IP'];
            } else {
                $IP_ADDR = $_SERVER['REMOTE_ADDR'];
            }

            // get server ip and resolved it
            $FIRE_IP_ADDR = $_SERVER['REMOTE_ADDR'];
            $ip_resolved = gethostbyaddr($FIRE_IP_ADDR);

            // builds server ip infos string
            $FIRE_IP_LITT = ($FIRE_IP_ADDR != $ip_resolved && $ip_resolved) ? $FIRE_IP_ADDR . ' - '.  $ip_resolved : $FIRE_IP_ADDR;

            // builds client ip full infos string
            $return = ($IP_ADDR != $FIRE_IP_ADDR) ? $IP_ADDR . ' | ' . $FIRE_IP_LITT : $FIRE_IP_LITT;

            return $return;
        }
    }
